Black Hat Webcast 2: Dan Kaminsky's DNS Discovery: The Massive, Multi-Vendor Issue and the Massive, Multi-Vendor Fix

12/19/08 • 57 min

Early in 2008, security researcher Dan Kaminsky located a gaping hole the basic underpinnings of the internet. This fundamental flaw in DNS security renders almost all DNS serves open to cache poisoning (US CERT VU#800113). As the vulnerability arises from flaws in the design of the DNS protocol, the issue affects nearly all vendors and nearly all products designed to work with DNS.
In the intervening time, Dan has worked with a coalition of vendors to create a fix for this very serious and ubiquitous vulnerability. On July 8th, technology vendors from across the industry simultaneously released patches for their products in a combined effort of historic proportion.

Previous Episode

Black Hat Webcast 1: The Forbidden Sneak Peek: Black Hat USA 2008

During this inaugural webcast, Jeff Moss provided an overview of prevailing security trends and technologies and was joined by several of the world’s leading security minds who will each provide a brief preview of the topics they presented at the Black Hat Briefings & Trainings in August 2008.
The presenters were:
Bruce Potter with Malware Detection Through Flow Analysis
Fyodor Vaskovich with Nmap - Scanning the Internet
Shawn Moyer and Nathan Hamiel with Satan is on My Friends List: Attacking Social Networks
Nate McFeters, John Heasman and Rob Carter with The Internet is Broken: beyond Document.Cookie - Extreme Client-Side Exploitation
Mike Reavey, Steve Adegbite and katie Moussouris with Secure the Planet! new Strategic Initiatives from Microsoft to Rock your World.

Next Episode

Black Hat Webcast 4: Trust Doesn't Scale: Practical Hijacking On the World's Largest Network

Our monthly free webcast series rolls on with another talk about a major vulnerability. This webcast is entitled "Trust Doesn't Scale: Practical Hijacking On the World's Largest Network." The webcast is based on a remarkable presentation by Tony Kapela and Alexander Pilosov at the DEFCON security conference this August. To illustrate their BGP-based traffic-hijacking techniques, they intercepted all traffic from the notoriously hostile conference network and ran it through their servers. The process was almost completely invisible to DEFCON attendees.
Their demonstration took advantage of a trust issue with Border Gateway Protocol (BGP), and it appears to be part of a larger security trend of major issues emerging in the bedrock protocols that support the Internet. Dan Kaminsky's DNS vulnerability relies on trust issues in DNS. In recent years major questions have been raised about SNMP and ICMP and at this writing there's word of a potentially major TCP exploit. Vulnerabilities like these raise significant questions about the business of security, the limits of patching, and the difficulties involved in securing a trust-based system.